In addition to the main Zoom sign-in procedure, two-factor authentication (2FA) entails receiving a one-time code gained from a mobile app or text message in addition to the main Zoom sign-in procedure. In order to access the Zoom web portal, desktop client, mobile app, or Zoom Rooms, users will need access to their phone to sign in. That provides an additional layer of security.
Admins can enable users to use 2FA, requiring them to set up and use it in order to be able to access their accounts. The admins of the company can also reset an existing two-factor authentication setup if a user has lost access to his or her 2FA app.
Note: Zoom requires a time-based one-time password (OTP) if it detects an unusual login from a different country or device than normal if two-factor authentication is disabled for users with a work email login type.
This article covers:
- How to enable 2FA (admin)
- How to reset 2FA for a user
- Reset two-factor authentication for select users
- How to set up 2FA (user)
- Use two-factor authentication through the authentication app
- Use two-factor authentication through SMS
- How to sign in using 2FA (user)
- How to sign in using a 2FA recovery code (user)
- How to edit your 2FA setup (user)
Prerequisites for two-factor authentication (2FA)
- Admin rights or account owner rights
Set up and use 2FA
- A number that can receive SMS; or
- Using a 2FA app that supports the TOTP protocol on an Android or iOS device. We recommend the following apps.
- We recommend Authenticator by Google (Android and iOS).
- Windows, iOS, BlackBerry Authenticator.
- Android and iOS users may use FreeOTP (free app).
- For Windows, macOS, and Linux, the Zoom desktop client version 5.2.2 or higher is available
- The Zoom Rooms for Conference Room have been upgraded to version 5.2.1 or higher for Windows and Mac OS X
- Users whose login type matches a work email (email address and password)
How to enable 2FA (admin)
For all your account users, specific roles, or specific groups, you can enable two-factor authentication.
- Log in to the Zoom web portal as an administrator.
- Under Advanced, select Security.
- Activate or deactivate Two-Factor Authentication by clicking the Sign in with Two-Factor Authentication toggle.
- Verify the change by clicking Enable or Disable in the verification dialog.
- (Optional) Change this setting to mandatory for all users in your account by clicking the lock icon and clicking Lock after you confirm the change.
- To enable 2FA for certain users, select a particular option:
- All users in your account:
- This option enables 2FA for all account users.
- Users with specific roles:
- Select the roles you want to enable 2FA for:
- Select the pencil icon.
- Choose your roles.
- Select OK.
- Users belonging to specific groups:
- You can enable two-factor authentication for users in the specified groups:
- Select the pencil icon
- Next to the group name.
- Tap the OK button.
- Tap Save.
- Make sure your users are aware of how to set up 2FA.
How to reset 2FA for a user
In the event of a user losing access to their 2FA setup, it can be reset. Their device has been misplaced, their 2FA app has been uninstalled, or Zoom has been removed from their 2FA app.
- Zoom’s web portal can be accessed by signing in.
- Select User Management under Users in the navigation menu.
- Find the user whose 2FA you wish to reset, and click Edit.
- Go to the profile of the user you want to reset two-factor authentication for, by clicking on their email or name ID.
- Click on the Reset button under Two-factor Authentication under the Sign In tab.
As soon as the user logs into Zoom the next time, he or she will be asked to re-establish 2FA in the Zoom Web Portal.
Reset two-factor authentication for select users
- Sign in to Zoom.
- Select Advanced, then Security from the menu.
- You can reset two-factor authentication for selected users by clicking Reset two-factor authentication.
- Put the email address or username that you want to reset in the Reset two-factor authentication dialog box.
- This will reset all selected users’ settings.
- Reset the two-factor authentication with your password.
- You can confirm the reset by clicking Reset for ___ Users.
How to set up 2FA (user)
When you sign in to the Zoom portal, you need to set up two-factor authentication (2FA) if your Zoom admin has enabled this option for you.
- After your administrator has enabled 2FA on the Zoom web portal, you need to log in.
- Select the option of authenticating with an authentication app or a text message.
- If you selected a text message, you will need to follow the following steps:
Use two-factor authentication through the authentication app
- Your mobile device must be open to use the 2FA app.
- Scan a QR code using your mobile device. Locate the QR code icon on the camera.
- Use the Zoom web portal to scan the QR code.
A 6-digit, one-time code will be generated by the 2FA app.
- Tap Next.
- You will be required to enter the 6-digit code, then click Verify.
A list of recovery codes will be displayed by Zoom. You can use an automatic 6-digit code to sign into your mobile device if you lose it instead of a recovery code if you lose your mobile device.
- If the code cannot be verified. The QR code will be displayed again.
- To save the recovery codes, click Download or Print. You can only use one recovery code per computer.
- Finally, click Done.
Use two-factor authentication through SMS
- Your phone number should have a country code.
- Your 2FA codes will be received at that number. Do not use hyphens.
- Send the code.
Your number will receive a 6-digit, one-time code from Zoom.
- Check your SMS for instructions.
- The SMS code should be copied and pasted into Zoom’s web portal.
- Verify the information.
Click on ‘View Recovery Codes’. A recovery code can be used to sign in instead of a 6-digit code if you lose your mobile device.
- If you aren’t able to verify the code. Click Back then try again.
- Click Download or Print to store the recovery codes. Each recovery code can only be used once.
- Click Done.
How to sign in using 2FA (user)
- Register with Zoom on the web, through the desktop client, the mobile app, or in a Zoom Room.
Enter your SMS code if you are using 2FA.
When Zoom asks for your 2FA code, you can apply it to your 2FA app or obtain it via SMS.
- You can view the SMS from Zoom or apply it to the app.
- On the 2FA phone app or SMS you will see a code of 6 digits.
- Just click “Verify”.
How to sign in using a 2FA recovery code (user)
It is possible to sign in using a recovery code you obtained when you set up two-factor authentication (for example, if you misplaced your device, uninstalled your 2FA app, or removed Zoom from your 2FA app), if you no longer have access to your 2FA codes.
If you need to reset your 2FA setup, you can contact your admin. You will be asked to set up two-factor authentication again whenever you log into Zoom’s web portal, desktop client, or mobile app.
- Join Zoom on the web, on the desktop client, on the mobile app, or in a Zoom Room.
- Instead of entering the password, enter a recovery code.
- Select the recovery code you received during setup. You can only use one recovery code at a time.
- Sign in by clicking Verify.
- Adding a new device to your 2FA setup is optional if you lost access to your 2FA device.
How to edit your 2FA setup (user)
It’s possible to edit your existing 2FA setup so you can remove a device, add another device, view recovery codes, or remove 2FA from another device.
- Zoom’s web portal requires a Zoom account.
- Click Profile from the navigation panel.
- You can set up 2FA on a new device or delete an existing setup from the Two-factor Authentication section under Sign In:
- Authentication App
- Set Up:
- Install an app that supports two-factor authentication. If you do not have a 2FA setup that uses a 2FA app, this option will not be visible.
- Change Device:
- You need to setup 2FA again using a 2FA app that is supported. In order to see this option, you must already have a setup that uses a 2FA app as part of your existing 2FA setup.
- Remove Device:
- Deleting the existing 2FA setup from your device.
- Set Up:
- Use a receiving phone number to set up 2FA. If you have not already set up SMS 2FA, this option is not available.
- Remove Phone:
- Remove existing SMS 2FA configurations.
- Recovery Codes:
- View the list of recovery codes by clicking View Codes.